7 Replies Latest reply on Aug 9, 2012 5:00 AM by ejroberts

    JMS submission to HornetQ Servlet in JBoss 7.1.1 throwing strange IllegalStateException: JBAS018053: No security context found

    ejroberts

      I setup the HornetQ Servlet transport (after reading the docs) with the requisite acceptor, connector and connection factory in the messaging subsystem. I believe the configuration is correct, but whenever I run a JMS Client to submit a message,

      I get an illegalStateException which appears to be associated with the HornetQ Servlet. Prior to adding this configuration I have not seen any of these exceptions.

       

      The HornetQ Server configuration is as follows (with HornetQ Servlet currently deployed as hornetq-servlet.war, hence the context below)

       

       

              
      <hornetq-server>
                  
      <persistence-enabled>true</persistence-enabled>
                  
      <security-domain>other</security-domain>
                  
      <jmx-domain>org.hornetq</jmx-domain>
                  
      <message-counter-enabled>true</message-counter-enabled>
                  
      <message-counter-sample-period>60000</message-counter-sample-period>
                  
      <message-counter-max-day-history>7</message-counter-max-day-history>
                  
      <connection-ttl-override>300000</connection-ttl-override>
                  
      <journal-type>NIO</journal-type>
                  
      <journal-buffer-size>526336</journal-buffer-size>
                  
      <memory-warning-threshold>10</memory-warning-threshold>
      
      
                  
      <connectors>
                      
      <netty-connector name="netty" socket-binding="messaging"/>
                      
      <netty-connector name="netty-throughput" socket-binding="messaging-throughput">
                          
      <param key="batch-delay" value="50"/>
                      
      </netty-connector>
                      
      <netty-connector name="netty-servlet" socket-binding="http">
                          
      <param key="host" value="${jboss.bind.address}"/>
                          
      <param key="use-servlet" value="true"/>
                          
      <param key="servlet-path" value="/hornetq-servlet/HornetQServlet"/>
                      
      </netty-connector>
                      
      <in-vm-connector name="in-vm" server-id="0"/>
                  
      </connectors>
      
      
                  
      <acceptors>
                      
      <acceptor name="netty-servlet">
                          
      <factory-class>org.hornetq.core.remoting.impl.netty.NettyAcceptorFactory</factory-class>
                          
      <param key="use-invm" value="true"/>
                          
      <param key="host" value="org.hornetq"/>
                      
      </acceptor>
                      
      <netty-acceptor name="netty" socket-binding="messaging"/>
                      
      <netty-acceptor name="netty-throughput" socket-binding="messaging-throughput">
                          
      <param key="batch-delay" value="50"/>
                          
      <param key="direct-deliver" value="false"/>
                      
      </netty-acceptor>
                      
      <in-vm-acceptor name="in-vm" server-id="0"/>
                  
      </acceptors>
      
      
                  
      <security-settings>
                      
      <security-setting match="#">
                          
      <permission type="send" roles="guest"/>
                          
      <permission type="consume" roles="guest"/>
                          
      <permission type="createNonDurableQueue" roles="guest"/>
                          
      <permission type="deleteNonDurableQueue" roles="guest"/>
                      
      </security-setting>
                  
      </security-settings>
      
      
                  
      <address-settings>
                      
      <address-setting match="#">
                          
      <dead-letter-address>jms.queue.DLQ</dead-letter-address>
                          
      <expiry-address>jms.queue.ExpiryQueue</expiry-address>
                          
      <redelivery-delay>0</redelivery-delay>
                          
      <max-size-bytes>52428800</max-size-bytes>
                          
      <page-size-bytes>10485760</page-size-bytes>
                          
      <address-full-policy>PAGE</address-full-policy>
                          
      <message-counter-history-day-limit>10</message-counter-history-day-limit>
                      
      </address-setting>
                  
      </address-settings>
      
      
                  
      <jms-connection-factories>
                      
      <connection-factory name="InVmConnectionFactory">
                          
      <connectors>
                              
      <connector-ref connector-name="in-vm"/>
                          
      </connectors>
                          
      <entries>
                              
      <entry name="java:/ConnectionFactory"/>
                          
      </entries>
                          
      <client-failure-check-period>60000</client-failure-check-period>
                          
      <call-timeout>45000</call-timeout>
                          
      <min-large-message-size>525312</min-large-message-size>
                          
      <reconnect-attempts>3</reconnect-attempts>
                      
      </connection-factory>
                      
      <connection-factory name="RemoteConnectionFactory">
                          
      <connectors>
                              
      <connector-ref connector-name="netty"/>
                          
      </connectors>
                          
      <entries>
                              
      <entry name="RemoteConnectionFactory"/>
                              
      <entry name="java:jboss/exported/jms/RemoteConnectionFactory"/>
                          
      </entries>
                          
      <client-failure-check-period>60000</client-failure-check-period>
                          
      <call-timeout>45000</call-timeout>
                          
      <min-large-message-size>525312</min-large-message-size>
                          
      <reconnect-attempts>3</reconnect-attempts>
                      
      </connection-factory>
                      
      <connection-factory name="ServletConnectionFactory">
                          
      <connectors>
                              
      <connector-ref connector-name="netty-servlet"/>
                          
      </connectors>
                          
      <entries>
                              
      <entry name="ServletConnectionFactory"/>
                              
      <entry name="java:jboss/exported/jms/ServletConnectionFactory"/>
                          
      </entries>
                          
      <client-failure-check-period>60000</client-failure-check-period>
                          
      <call-timeout>45000</call-timeout>
                          
      <min-large-message-size>525312</min-large-message-size>
                          
      <reconnect-attempts>3</reconnect-attempts>
                      
      </connection-factory>
                      
      <pooled-connection-factory name="hornetq-ra">
                          
      <transaction mode="xa"/>
                          
      <connectors>
                              
      <connector-ref connector-name="in-vm"/>
                          
      </connectors>
                          
      <entries>
                              
      <entry name="java:/JmsXA"/>
                          
      </entries>
                      
      </pooled-connection-factory>
                  
      </jms-connection-factories>
      
      
                  
      <jms-destinations>
                      
      <jms-queue name="test">
                          
      <entry name="java:/jboss/exported/jms/queue/test"/>
                          
      <durable>false</durable>
                      
      </jms-queue>
                  
      </jms-destinations>
              
      </hornetq-server>
      
      
      

       

      The JMS Client code (I took an example from another thread and added close calls to the requisite parts)

       

       

          
      InitialContext initialContext = null;
          
      Connection connection = null;
          
      Session session = null;
          
      try {
      
      
              
      final Properties env = new Properties();
              
      env.put(Context.INITIAL_CONTEXT_FACTORY,
                      
      JNDI_CONTEXT_FACTORY);
              
      env.put(Context.PROVIDER_URL, JNDI_CONNECTION_URL);
              
      env.put(Context.SECURITY_PRINCIPAL, USER_NAME);
              
      env.put(Context.SECURITY_CREDENTIALS, USER_PWD);
      
      
              
      // Step 1. Create an initial context to perform the JNDI lookup.
              
      initialContext = new InitialContext(env);
      
      
              
      // Step 2. Perform a lookup on the queue
              
      Queue queue = (Queue) initialContext.lookup(JNDI_PUBLIC_NAME_FOR_QUEUE);
      
      
              
      // Step 3. Perform a lookup on the Connection Factory
              
      ConnectionFactory cf = (ConnectionFactory) initialContext
                      
      .lookup(JNDI_PUBLIC_NAME_FOR_CONNECTION_FACTORY);
      
      
              
      // Step 4.Create a JMS Connection
              
      connection = cf.createConnection(env.getProperty(Context.SECURITY_PRINCIPAL), env.getProperty(Context.SECURITY_CREDENTIALS));
      
      
              
      System.out.println("connection created: " + connection);
      
      
              
      // Step 5. Create a JMS Session
              
      session = connection.createSession(false,
                      
      Session.AUTO_ACKNOWLEDGE);
      
      
              
      // Step 6. Create a JMS Message Producer
              
      MessageProducer producer = session.createProducer(queue);
      
      
              
      // Step 7. Create a Text Message
              
      TextMessage message = session.createTextMessage("This is a text message");
      
      
              
      // Step 8. Send the Message
              
      producer.send(message);
              
      
              
      System.out.println("Sent message: " + message.getText());
              
      
              
      // Step 8b. Close the Producer
              
      producer.close();
              
      
              
      // Step 9. Create a JMS Message Consumer
              
      MessageConsumer messageConsumer = session.createConsumer(queue);
      
      
              
      // Step 10. Start the Connection
              
      connection.start();
      
      
              
      // Step 11. Receive the message
              
      TextMessage messageReceived = (TextMessage) messageConsumer
                      
      .receive(5000);
      
      
              
      System.out.println("Received message: " + messageReceived.getText());
      
      
              
      // Step 11b. Close the Producer
              
      messageConsumer.close();
      
      
              
      // Step 11c. Close the Session
              
      session.close();
              
      
          
      } catch (Exception e) {
              
      e.printStackTrace();
          
      } finally {
              
      // Step 12. Be sure to close our JMS resources!
              
      
              
      if (connection != null) {
                  
      connection.close();
              
      }
      
      
              
      if (initialContext != null) {
                  
      initialContext.close();
              
      }
          
      }
      
      
      

       

      The exception I am getting in jboss is

       

       

      2012-08-08 11:05:02,210 ERROR [org.apache.catalina.connector.CoyoteAdapter](http-executor-threads - 1) An exception or error occurred in the container during the request processing: java.lang.IllegalStateException: JBAS018053: No security context found
          at org.jboss.as.web.security.SecurityActions$6.run(SecurityActions.java:136)
          at org.jboss.as.web.security.SecurityActions$6.run(SecurityActions.java:130)
          at java.security.AccessController.doPrivileged(Native Method)
          at org.jboss.as.web.security.SecurityActions.popRunAsIdentity(SecurityActions.java:130)
          at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:155)
          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)
          at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:518)
          at org.jboss.threads.SimpleDirectExecutor.execute(SimpleDirectExecutor.java:33)
          at org.jboss.threads.QueueExecutor.runTask(QueueExecutor.java:801)
          at org.jboss.threads.QueueExecutor.access$100(QueueExecutor.java:45)
          at org.jboss.threads.QueueExecutor$Worker.run(QueueExecutor.java:821)
          at java.lang.Thread.run(Thread.java:662)
          at org.jboss.threads.JBossThread.run(JBossThread.java:122)
      

       

      Any ideas ?

        • 1. Re: JMS submission to HornetQ Servlet in JBoss 7.1.1 throwing strange IllegalStateException: JBAS018053: No security context found
          jmesnil

          Ed Roberts wrote:

           

          I setup the HornetQ Servlet transport (after reading the docs) with the requisite acceptor, connector and connection factory in the messaging subsystem. I believe the configuration is correct, but whenever I run a JMS Client to submit a message,

          I get an illegalStateException which appears to be associated with the HornetQ Servlet. Prior to adding this configuration I have not seen any of these exceptions.

           

          The HornetQ Server configuration is as follows (with HornetQ Servlet currently deployed as hornetq-servlet.war, hence the context below)

           

           

                  
          <security-domain>other</security-domain>
          

          Any ideas ?

          Have you properly configure this "other" security domain?

          • 2. Re: JMS submission to HornetQ Servlet in JBoss 7.1.1 throwing strange IllegalStateException: JBAS018053: No security context found
            ejroberts

            Hi Jeff. Thanks for the response.

             

            I have the following in my security subsystem

             

             

                
            <subsystem xmlns="urn:jboss:domain:security:1.1">
                    
            <security-domains>
                        
            <security-domain name="other" cache-type="default">
                            
            <authentication>
                                
            <login-module code="Remoting" flag="optional">
                                    
            <module-option name="password-stacking" value="useFirstPass"/>
                                
            </login-module>
                                
            <login-module code="RealmUsersRoles" flag="required">
                                    
            <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
                                    
            <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
                                    
            <module-option name="realm" value="ApplicationRealm"/>
                                    
            <module-option name="password-stacking" value="useFirstPass"/>
                                
            </login-module>
                            
            </authentication>
                        
            </security-domain>
                        
            <security-domain name="jboss-web-policy" cache-type="default">
                            
            <authorization>
                                
            <policy-module code="Delegating" flag="required"/>
                            
            </authorization>
                        
            </security-domain>
                        
            <security-domain name="jboss-ejb-policy" cache-type="default">
                            
            <authorization>
                                
            <policy-module code="Delegating" flag="required"/>
                            
            </authorization>
                        
            </security-domain>
                    
            </security-domains>
                
            </subsystem>
            
            
            

             

            I believe this is the standard setup referenced in the example standalone files

             

            Thanks for the help

            • 3. Re: JMS submission to HornetQ Servlet in JBoss 7.1.1 throwing strange IllegalStateException: JBAS018053: No security context found
              jmesnil

              sorry, I am not an expert on AS7 security configuration. You should ask on AS7 user forum, I don't think your issue is related to HornetQ, it seems to occur well before when the security context is associated to the servlet

              • 4. Re: JMS submission to HornetQ Servlet in JBoss 7.1.1 throwing strange IllegalStateException: JBAS018053: No security context found
                ejroberts

                Thanks for your input Jeff. I'll pop this on the other forum as you say.

                • 5. Re: JMS submission to HornetQ Servlet in JBoss 7.1.1 throwing strange IllegalStateException: JBAS018053: No security context found
                  ejroberts

                  I have noticed (wasn't sure before if it was intermitten) that I am also getting the following error prior to the exception in the jboss server log

                   

                  2012-08-08 16:12:00,131 ERROR [org.jboss.remoting.remote.connection](Remoting "node1" read-1) JBREM000200: Remote connection failed: java.io.IOException: An established connection was aborted by the software in your host machine

                   

                  Does this shed any light at all ?

                  • 6. Re: JMS submission to HornetQ Servlet in JBoss 7.1.1 throwing strange IllegalStateException: JBAS018053: No security context found
                    ejroberts

                    Oops. With the following info line preceding it

                     

                    2012-08-08 16:12:00,131 INFO  [org.jboss.as.naming](Remoting "node1" task-3) JBAS011806: Channel end notification received, closing channel Channel ID 1d259935 (inbound) of Remoting connection 01288e12 to /10.1.11.103:4101

                    • 7. Re: JMS submission to HornetQ Servlet in JBoss 7.1.1 throwing strange IllegalStateException: JBAS018053: No security context found
                      ejroberts

                      After doing some debugging, it turns out that HornetQSecurityManagerAS7 is not working correctly.

                      Initially the security context is setup by JBossWeb with a jboss-web-policy context. During the messaging phase, the security context is being replaced by the HornetQ. It is aiming to treat this as a push-pop

                      of the security context, but in reality, the new security context is pushed and then simply cleared, later on causing the exception.

                       

                      I'll check to see if this has been rectified and if not raise an issue on the messaging component